Vulnerable IoMT Devices creating havoc
In today’s Internet of Things (IoT) world, devices are being connected to the network to increase functionality and enable remote access to become smart devices. In recent years hospitals have faced various cyber attacks. They present tempting targets given the potential damage they unleash, affecting multiple services. Medical devices are also jumping onto this trend to connect to the internet for better vitals reporting and intelligent doses based on real-time data. These devices are known as the Internet of Medical Things (IoMT). The IoMT is a network of internet-connected medical devices, software applications, and hardware infrastructure to connect to healthcare information technology. For example, IoMT allows wireless communication and remote devices access over the internet to enable rapid medical data analysis. According to a survey, the IoMT’s impact will increase from $41.17 billion in 2020 to 187.60 billion by 2028.
Many healthcare devices, like insulin pumps and pacemakers to ultrasounds and monitors, are becoming smart, but they also have worrying security vulnerabilities. The infusion pumps are the latest in the long list of medical devices with security vulnerabilities. Infusion pumps are devices that pump medication nutrients inside the patient’s body. These devices are used to infuse very small or a particular amount of medication doses without error; the stakes are high when the problem arises. The USA’s FDA(Food and Drug Administration) received nearly 56,000 events related to infusion pumps between 2005 and 2009, causing multiple cases of injuries and death. Due to these products like B.Braun infusomat space, large volume pumps are locked at the software level, making it challenging to send commands directly.
Types of vulnerabilities observed in infusion pumps
- Leakage of sensitive information- Numerous devices have several information security vulnerabilities. Sensitive data like medical records, operational data, or network configuration credentials have been exposed.
- Overflow and Unauthorized Access- Can give unauthenticated access to anyone and access the device. Hackers can then bombard the devices with network traffic to make the devices unresponsive, leading to severe health issues.
- Vulnerabilities in third-party TCP/IP stacks- Many IoMT devices use third-party operating systems and their libraries, inheriting their vulnerabilities.
Proactively secure your infusion pumps.
Today the spreading of threats, number of devices in service, and behaviours make the security challenge impossible. Here are some ways by which one can secure infusion pumps:-
- Accurate discovery and inventory- teams must be able to locate, discover and assess the utilization of the infusion pumps. The discovery of infusion pumps helps for an accurate list shared with asset management.
- Holistic risk assessment is a practice that helps the team find vulnerabilities and identify any other errors. With the help of machine learning, can establish a baseline and provide risk assessment.
- Apply risk reduction policies- real-time risk monitoring, reporting, and alerting will be crucial for an organization to reduce IoMT risk. It can accurately convert risk-based Zero Trust policy recommendations by profiling device activity.
- Prevent Threats- the vast nature of IoMT devices will need awareness to detect and prevent known vulnerabilities against infusion pumps devices for a swift response. In addition, the built-in threat detection will help block some known IoT /IoMT malware, spyware, and exploits to prevent the loss of sensitive data.
